Fix XSS in Delete Repository page

dregad · dregad · commit 270675c964c6 · 2020-02-13T14:36:11.000+01:00
Fixes #338
diff --git a/Source/pages/repo_delete.php b/Source/pages/repo_delete.php
@@ -10,7 +10,8 @@
 
 $t_repo = SourceRepo::load( $f_repo_id );
 
-helper_ensure_confirmed( sprintf( plugin_lang_get( 'ensure_delete' ), $t_repo->name ), plugin_lang_get( 'delete_repository' ) );
+$t_message = sprintf( plugin_lang_get( 'ensure_delete' ), string_attribute( $t_repo->name ) );
+helper_ensure_confirmed( $t_message, plugin_lang_get( 'delete_repository' ) );
 
 SourceRepo::delete( $t_repo->id );
 
